Support changing the built-in ccache/keytab names

* Add DEFCCNAME, DEFKTNAME, and DEFCKTNAME configure variables to
  change the built-in ccache and keytab names.
* Add krb5-config options to display the built-in ccache and keytab
  names.
* In the default build, use krb5-config to discover the system's
  built-in ccache and keytab names and use them (if not overridden).
  This can be controlled with the --with-krb5-config=PATH or
  --without-krb5-config configure options.
* Make the built-in ccache name subject to parameter expansion.

ticket: 7221 (new)

diff --git a/doc/rst_source/conf.py b/doc/rst_source/conf.py
index c4203a24cba50b2854fadc7525e20bfe82ce7e5f..031a1a745e54b679ef6e30ef19cbdc28c0e822d5 100644 (file)
--- a/doc/rst_source/conf.py
+++ b/doc/rst_source/conf.py
@@ -216,6 +216,9 @@ if 'mansubs' in tags:
     libdir = '``@LIBDIR@``'
     localstatedir = '``@LOCALSTATEDIR@``'
     sysconfdir = '``@SYSCONFDIR@``'
+    ccache = '``@CCNAME@``'
+    keytab = '``@KTNAME@``'
+    ckeytab = '``@CKTNAME@``'
 elif 'pathsubs' in tags:
     # Read configured paths from a file produced by the build system.
     execfile('paths.py')
@@ -225,6 +228,9 @@ else:
     libdir = ':ref:`LIBDIR <paths>`'
     localstatedir = ':ref:`LOCALSTATEDIR <paths>`'
     sysconfdir = ':ref:`SYSCONFDIR <paths>`'
+    ccache = ':ref:`DEFCCNAME <paths>`'
+    keytab = ':ref:`DEFKTNAME <paths>`'
+    ckeytab = ':ref:`DEFCKTNAME <paths>`'
 
 rst_epilog = '\n'
 rst_epilog += '.. |bindir| replace:: %s\n' % bindir
@@ -232,10 +238,10 @@ rst_epilog += '.. |sbindir| replace:: %s\n' % sbindir
 rst_epilog += '.. |libdir| replace:: %s\n' % libdir
 rst_epilog += '.. |kdcdir| replace:: %s\\ ``/krb5kdc``\n' % localstatedir
 rst_epilog += '.. |sysconfdir| replace:: %s\n' % sysconfdir
+rst_epilog += '.. |ccache| replace:: %s\n' % ccache
+rst_epilog += '.. |keytab| replace:: %s\n' % keytab
+rst_epilog += '.. |ckeytab| replace:: %s\n' % ckeytab
 rst_epilog += '''
-.. |ccache| replace:: ``/tmp/krb5cc_<uid>``
-.. |clkeytab| replace:: ``/etc/krb5.client-keytab``
-.. |keytab| replace:: ``/etc/krb5.keytab``
 .. |krb5conf| replace:: ``/etc/krb5.conf``
 .. |defkeysalts| replace:: ``aes256-cts-hmac-sha1-96:normal aes128-cts-hmac-sha1-96:normal des3-cbc-sha1:normal arcfour-hmac-md5:normal``
 .. |defetypes| replace:: ``aes256-cts-hmac-sha1-96 aes128-cts-hmac-sha1-96 des3-cbc-sha1 arcfour-hmac-md5 des-cbc-crc des-cbc-md5 des-cbc-md4``

diff --git a/doc/rst_source/krb_admins/conf_files/krb5_conf.rst b/doc/rst_source/krb_admins/conf_files/krb5_conf.rst
index 26a8818f39ea7678def2a0dad0a03a5e330d8064..ee7344c5d8be3bf1487eec02d4ce179453cf27e9 100644 (file)
--- a/doc/rst_source/krb_admins/conf_files/krb5_conf.rst
+++ b/doc/rst_source/krb_admins/conf_files/krb5_conf.rst
@@ -141,7 +141,7 @@ The libdefaults section may contain any of the following relations:
 
 **default_client_keytab_name**
     This relation specifies the name of the default keytab for
-    obtaining client credentials.  The default is |clkeytab|.  This
+    obtaining client credentials.  The default is |ckeytab|.  This
     relation is subject to parameter expansion (see below).
 
 **default_keytab_name**

diff --git a/doc/rst_source/krb_basic/keytab_def.rst b/doc/rst_source/krb_basic/keytab_def.rst
index 3f1f0de10b5714d5bbb99eff86bbf2aee0eff048..1064765fee571ebf539d6a5abe1cc53aa8087e31 100644 (file)
--- a/doc/rst_source/krb_basic/keytab_def.rst
+++ b/doc/rst_source/krb_basic/keytab_def.rst
@@ -58,4 +58,4 @@ decreasing order of preference:
 #. The **default_client_keytab_name** profile variable in
    :ref:`libdefaults`.
 
-#. The hardcoded default, ``FILE:``\ |clkeytab|.
+#. The hardcoded default, ``FILE:``\ |ckeytab|.

diff --git a/doc/rst_source/krb_build/options2configure.rst b/doc/rst_source/krb_build/options2configure.rst
index 75cb925969b935b7c966748926e5cd971c0e85e3..3df2a45c709316df1aef020ad64eedaa7ae7c8dd 100644 (file)
--- a/doc/rst_source/krb_build/options2configure.rst
+++ b/doc/rst_source/krb_build/options2configure.rst
@@ -118,6 +118,15 @@ Environment variables
     Berkeley DB library version to be used, override it with this
     option. For example, ``DB_LIB=-ldb-3.3``.
 
+**DEFCCNAME=**\ *ccachename*
+    Override the built-in default credential cache name.
+
+**DEFCKTNAME=**\ *keytabname*
+    Override the built-in default client keytab name.
+
+**DEFKTNAME=**\ *keytabname*
+    Override the built-in default keytab name.
+
 **LD=**\ *LINKER*
     Use *LINKER* as the default loader if it should be different from
     C compiler as specified above.
@@ -374,6 +383,13 @@ Optional packages
     Specifying **--without-system-verto** will cause the built-in
     version of libverto to be used unconditionally.
 
+**--with-krb5-config=**\ *PATH*
+    Use the krb5-config program at *PATH* to obtain the build-time
+    default credential cache, keytab, and client keytab names.  The
+    default is to use ``krb5-config`` from the program path.  Specify
+    ``--without-krb5-config`` to disable the use of krb5-config and
+    use the usual built-in defaults.
+
 
 Examples
 --------

diff --git a/doc/rst_source/krb_users/user_commands/kdestroy.rst b/doc/rst_source/krb_users/user_commands/kdestroy.rst
index 7676dc496388ed1214776a99f67b60449f2448e0..b8c67aba4cc62d4b69d421788241de7e8876b1e9 100644 (file)
--- a/doc/rst_source/krb_users/user_commands/kdestroy.rst
+++ b/doc/rst_source/krb_users/user_commands/kdestroy.rst
@@ -67,9 +67,8 @@ kdestroy uses the following environment variable:
 FILES
 -----
 
-``/tmp/krb5cc_[uid]``
-    Default location of Kerberos 5 credentials cache ([*uid*] is the
-    decimal UID of the user).
+|ccache|
+    Default location of Kerberos 5 credentials cache
 
 
 SEE ALSO

diff --git a/doc/rst_source/krb_users/user_commands/kinit.rst b/doc/rst_source/krb_users/user_commands/kinit.rst
index 3636106fc5c9a8e890cec92bcac7587421060313..c28fd29b6c380c00cd8ebaf71ad9cc02040b69ea 100644 (file)
--- a/doc/rst_source/krb_users/user_commands/kinit.rst
+++ b/doc/rst_source/krb_users/user_commands/kinit.rst
@@ -198,9 +198,8 @@ kinit uses the following environment variables:
 FILES
 -----
 
-``/tmp/krb5cc_[uid]``
-    default location of Kerberos 5 credentials cache ([*uid*] is the
-    decimal UID of the user).
+|ccache|
+    default location of Kerberos 5 credentials cache
 
 |keytab|
     default location for the local host's keytab.

diff --git a/doc/rst_source/krb_users/user_commands/klist.rst b/doc/rst_source/krb_users/user_commands/klist.rst
index 0b867a867caedb6f24deb5bd90998b406ba52b1b..6eae5f475e5cc05d36364fe0f657557e293e78f0 100644 (file)
--- a/doc/rst_source/krb_users/user_commands/klist.rst
+++ b/doc/rst_source/krb_users/user_commands/klist.rst
@@ -116,9 +116,8 @@ klist uses the following environment variable:
 FILES
 -----
 
-``/tmp/krb5cc_[uid]``
-    Default location of Kerberos 5 credentials cache ([uid] is the
-    decimal UID of the user).
+|ccache|
+    Default location of Kerberos 5 credentials cache
 
 |keytab|
     Default location for the local host's keytab file.

diff --git a/doc/rst_source/krb_users/user_commands/kswitch.rst b/doc/rst_source/krb_users/user_commands/kswitch.rst
index 62134959b72f48a3669b13d9001e9cfbdd3d7629..261660dada5832679f61b797ac6476856fa2c261 100644 (file)
--- a/doc/rst_source/krb_users/user_commands/kswitch.rst
+++ b/doc/rst_source/krb_users/user_commands/kswitch.rst
@@ -46,9 +46,8 @@ kswitch uses the following environment variables:
 FILES
 -----
 
-``/tmp/krb5cc_[uid]``
-    Default location of Kerberos 5 credentials cache ([*uid*] is the
-    decimal UID of the user).
+|ccache|
+    Default location of Kerberos 5 credentials cache
 
 
 SEE ALSO

diff --git a/doc/rst_source/krb_users/user_commands/kvno.rst b/doc/rst_source/krb_users/user_commands/kvno.rst
index 4f2e2fd381f7b9500ceea92da508589395cd95aa..31ca24460670cf783d550a6ab821fd9f0fd2bf29 100644 (file)
--- a/doc/rst_source/krb_users/user_commands/kvno.rst
+++ b/doc/rst_source/krb_users/user_commands/kvno.rst
@@ -76,9 +76,8 @@ kvno uses the following environment variable:
 FILES
 -----
 
-``/tmp/krb5cc_[uid]``
-    Default location of the credentials cache ([*uid*] is the decimal
-    UID of the user).
+|ccache|
+    Default location of the credentials cache
 
 
 SEE ALSO

diff --git a/doc/rst_source/mitK5defaults.rst b/doc/rst_source/mitK5defaults.rst
index eca502fb4d1879e772412e1ad149789a938a23ed..c971d5684b68dc8e2279ad2d68936a8ced7906c7 100644 (file)
--- a/doc/rst_source/mitK5defaults.rst
+++ b/doc/rst_source/mitK5defaults.rst
@@ -10,7 +10,7 @@ General defaults
 Description                 Default                        Environment
 ==========================  =============================  ====================
 Keytab file                 ``FILE:``\ |keytab|            **KRB5_KTNAME**
-Client keytab file          ``FILE:``\ |clkeytab|          **KRB5_CLIENT_KTNAME**
+Client keytab file          ``FILE:``\ |ckeytab|           **KRB5_CLIENT_KTNAME**
 Kerberos config file        |krb5conf|\ ``:``\             **KRB5_CONFIG**
                             |sysconfdir|\ ``/krb5.conf``
 KDC config file             |kdcdir|\ ``/kdc.conf``        **KRB5_KDC_PROFILE**
@@ -58,12 +58,15 @@ subdirectories of ``/usr/local``.  When MIT krb5 is integrated into an
 operating system, the paths are generally chosen to match the
 operating system's filesystem layout.
 
-=======================  ===============  ===================  ===============
-Description             Symbolic name    Custom build path    Typical OS path
-=======================  ===============  ===================  ===============
-User programs           BINDIR           ``/usr/local/bin``   ``/usr/bin``
-Libraries and plugins    LIBDIR           ``/usr/local/lib``   ``/usr/lib``
-Parent of KDC state dir  LOCALSTATEDIR    ``/usr/local/var``   ``/var``
-Administrative programs  SBINDIR          ``/usr/local/sbin``  ``/usr/sbin``
-Alternate krb5.conf dir  SYSCONFDIR       ``/usr/local/etc``   ``/etc``
-=======================  ===============  ===================  ===============
+==========================  =============  ===========================  ===========================
+Description                 Symbolic name  Custom build path            Typical OS path
+==========================  =============  ===========================  ===========================
+User programs               BINDIR         ``/usr/local/bin``           ``/usr/bin``
+Libraries and plugins       LIBDIR         ``/usr/local/lib``           ``/usr/lib``
+Parent of KDC state dir     LOCALSTATEDIR  ``/usr/local/var``           ``/var``
+Administrative programs     SBINDIR        ``/usr/local/sbin``          ``/usr/sbin``
+Alternate krb5.conf dir     SYSCONFDIR     ``/usr/local/etc``           ``/etc``
+Default ccache name         DEFCCNAME      ``/tmp/krb5cc_%{UID}``       ``/tmp/krb5cc_%{UID}``
+Default keytab name         DEFKTNAME      ``/etc/krb5.keytab``         ``/etc/krb5.keytab``
+Default client keytab name  DEFCKTNAME     ``/etc/krb5.client-keytab``  ``/etc/krb5.client-keytab``
+==========================  =============  ===========================  ===========================

diff --git a/src/configure.in b/src/configure.in
index b1661f08b216d09903656c68af71736cd05477d0..c7c92d923dacb94c7304a6a08488ad5c0d1cd3f0 100644 (file)
--- a/src/configure.in
+++ b/src/configure.in
@@ -1251,6 +1251,41 @@ if test "${localedir+set}" != set; then
 fi
 AC_SUBST(localedir)
 
+# Build-time default ccache, keytab, and client keytab names.  These
+# can be given as variable arguments DEFCCNAME, DEFKTNAME, and
+# DEFCKTNAME.  Otherwise, we try to get the OS defaults from
+# krb5-config if we can, or fall back to hardcoded defaults.
+AC_ARG_VAR(DEFCCNAME, [Default ccache name])
+AC_ARG_VAR(DEFKTNAME, [Default keytab name])
+AC_ARG_VAR(DEFCKTNAME, [Default client keytab name])
+AC_ARG_WITH([krb5-config],
+       AC_HELP_STRING([--with-krb5-config=PATH],
+               [path to existing krb5-config program for defaults]), ,
+        [with_krb5_config=krb5-config])
+if test "x$with_krb5_config" != xno; then
+       if test "x$with_krb5_config" = xyes; then
+               with_krb5_config=krb5-config
+       fi
+       if $with_krb5_config --help 2>&1 | grep -q defccname; then
+               AC_MSG_NOTICE([Using $with_krb5_config for build defaults])
+               : "${DEFCCNAME=`$with_krb5_config --defccname`}"
+               : "${DEFKTNAME=`$with_krb5_config --defktname`}"
+               : "${DEFCKTNAME=`$with_krb5_config --defcktname`}"
+       fi
+fi
+if test "${DEFCCNAME+set}" != set; then
+       DEFCCNAME=FILE:/tmp/krb5cc_%{uid}
+fi
+: "${DEFKTNAME=FILE:/etc/krb5.keytab}"
+: "${DEFCKTNAME=FILE:/etc/krb5.client-keytab}"
+AC_MSG_NOTICE([Default ccache name: $DEFCCNAME])
+AC_MSG_NOTICE([Default keytab name: $DEFKTNAME])
+AC_MSG_NOTICE([Default client keytab name: $DEFCKTNAME])
+AC_DEFINE_UNQUOTED(DEFCCNAME, ["$DEFCCNAME"], [Define to default ccache name])
+AC_DEFINE_UNQUOTED(DEFKTNAME, ["$DEFKTNAME"], [Define to default keytab name])
+AC_DEFINE_UNQUOTED(DEFCKTNAME, ["$DEFCKTNAME"],
+                   [Define to default client keytab name])
+
 AC_CONFIG_FILES(krb5-config, [chmod +x krb5-config])
 V5_AC_OUTPUT_MAKEFILE(.
 

diff --git a/src/include/osconf.hin b/src/include/osconf.hin
index 803d73bd554321d5208f0a721f35ce5c672815aa..c3a33c22b23be93ca95c05abf685a0ae49a3f2dc 100644 (file)
--- a/src/include/osconf.hin
+++ b/src/include/osconf.hin
@@ -42,8 +42,6 @@
 
 #if defined(_WIN32)
 #define DEFAULT_PROFILE_FILENAME "krb5.ini"
-#define DEFAULT_KEYTAB_NAME     "FILE:%{WINDOWS}\\krb5kt"
-#define DEFAULT_CLIENT_KEYTAB_NAME "FILE:%{WINDOWS}\\krb5clientkt"
 #else /* !_WINDOWS */
 #if TARGET_OS_MAC
 #define DEFAULT_SECURE_PROFILE_PATH "/Library/Preferences/edu.mit.Kerberos:/etc/krb5.conf:@SYSCONFDIR/krb5.conf"
@@ -55,8 +53,6 @@
 #define DEFAULT_SECURE_PROFILE_PATH     "/etc/krb5.conf:@SYSCONFDIR/krb5.conf"
 #define DEFAULT_PROFILE_PATH        DEFAULT_SECURE_PROFILE_PATH
 #endif
-#define DEFAULT_KEYTAB_NAME     "FILE:/etc/krb5.keytab"
-#define DEFAULT_CLIENT_KEYTAB_NAME "FILE:/etc/krb5.client-keytab"
 #endif /* _WINDOWS  */
 
 #define DEFAULT_PLUGIN_BASE_DIR "@LIBDIR/krb5/plugins"

diff --git a/src/include/win-mac.h b/src/include/win-mac.h
index 2274d8a51d02c5f35ed02fd3ab6d3dc75889f6f8..daec295b2c9b3e56d186377c17655807479f6057 100644 (file)
--- a/src/include/win-mac.h
+++ b/src/include/win-mac.h
@@ -231,6 +231,9 @@ HINSTANCE get_lib_instance(void);
 
 #define THREEPARAMOPEN(x,y,z) open(x,y,z)
 
+#define DEFKTNAME "FILE:%{WINDOWS}\\krb5kt"
+#define DEFCKTNAME "FILE:%{WINDOWS}\\krb5clientkt"
+
 #ifndef KRB5_CALLCONV
 #define KRB5_CALLCONV
 #endif

diff --git a/src/krb5-config.M b/src/krb5-config.M
index 56661aee7ed01d63b1999880163916f80e89e4b7..ccc869836fa1d40da34407effac3ffcf1175cddd 100644 (file)
--- a/src/krb5-config.M
+++ b/src/krb5-config.M
@@ -53,6 +53,15 @@ prints the prefix with which Kerberos was built.
 \fB\--exec-prefix\fP 
 prints the exec-prefix with which Kerberos was built.
 .TP
+\fB\--defccname\fP
+prints the built-in default credential cache name.
+.TP
+\fB\--defktname\fP
+prints the built-in default keytab name.
+.TP
+\fB\--defcktname\fP
+prints the built-in default client keytab name.
+.TP
 \fB\--cflags\fP 
 prints the compiler flags with which Kerberos was built.
 .TP

diff --git a/src/krb5-config.in b/src/krb5-config.in
index b476b4fdd2051e314aef2d7522380860f9fa4a0a..c950b36b5d48a2f1f9603efeedf4b287b83eada2 100755 (executable)
--- a/src/krb5-config.in
+++ b/src/krb5-config.in
@@ -38,6 +38,9 @@ RPATH_FLAG='@RPATH_FLAG@'
 PROG_RPATH_FLAGS='@PROG_RPATH_FLAGS@'
 PTHREAD_CFLAGS='@PTHREAD_CFLAGS@'
 DL_LIB='@DL_LIB@'
+DEFCCNAME='@DEFCCNAME@'
+DEFKTNAME='@DEFKTNAME@'
+DEFCKTNAME='@DEFCKTNAME@'
 
 LIBS='@LIBS@'
 GEN_LIB=@GEN_LIB@
@@ -58,6 +61,15 @@ while test $# != 0; do
        --cflags)
            do_cflags=1
            ;;
+       --defccname)
+           do_defccname=1
+           ;;
+       --defcktname)
+           do_defcktname=1
+           ;;
+       --defktname)
+           do_defktname=1
+           ;;
        --deps)
            do_deps=1
            ;;
@@ -102,7 +114,10 @@ while test $# != 0; do
 done
 
 # If required options - provide help
-if test -z "$do_all" -a -z "$do_version" -a -z "$do_vendor" -a -z "$do_prefix" -a -z "$do_vendor" -a -z "$do_exec_prefix" -a -z "$do_cflags" -a -z "$do_libs"; then
+if test -z "$do_all" -a -z "$do_version" -a -z "$do_vendor" -a \
+    -z "$do_prefix" -a -z "$do_vendor" -a -z "$do_exec_prefix" -a \
+    -z "$do_defccname" -a -z "$do_defktname" -a -z "$do_defcktname" -a \
+    -z "$do_cflags" -a -z "$do_libs"; then
     do_help=1
 fi
 
@@ -116,6 +131,9 @@ if test -n "$do_help"; then
     echo "        [--vendor]        Vendor information"
     echo "        [--prefix]        Kerberos installed prefix"
     echo "        [--exec-prefix]   Kerberos installed exec_prefix"
+    echo "        [--defccname]     Show built-in default ccache name"
+    echo "        [--defktname]     Show built-in default keytab name"
+    echo "        [--defcktname]    Show built-in default client keytab name"
     echo "        [--cflags]        Compile time CFLAGS"
     echo "        [--libs]          List libraries required to link [LIBRARIES]"
     echo "Libraries:"
@@ -161,6 +179,21 @@ if test -n "$do_exec_prefix"; then
     $all_exit
 fi
 
+if test -n "$do_defccname"; then
+    echo "$DEFCCNAME"
+    $all_exit
+fi
+
+if test -n "$do_defktname"; then
+    echo "$DEFKTNAME"
+    $all_exit
+fi
+
+if test -n "$do_defcktname"; then
+    echo "$DEFCKTNAME"
+    $all_exit
+fi
+
 if test -n "$do_cflags"; then
     if test x"$includedir" != x"/usr/include" ; then
         echo "-I${includedir}"

diff --git a/src/lib/krb5/libkrb5.exports b/src/lib/krb5/libkrb5.exports
index 28049e7879c31d2d61fe04c39c2b5ea10eceb451..3f2716a2fa649e55efc271c76fd9889491e142c7 100644 (file)
--- a/src/lib/krb5/libkrb5.exports
+++ b/src/lib/krb5/libkrb5.exports
@@ -242,7 +242,6 @@ krb5_decode_ticket
 krb5_decrypt_tkt_part
 krb5_default_pwd_prompt1
 krb5_default_pwd_prompt2
-krb5_defkeyname
 krb5_deltat_to_string
 krb5_do_preauth
 krb5_encode_authdata_container

diff --git a/src/lib/krb5/os/ccdefname.c b/src/lib/krb5/os/ccdefname.c
index cb9bb7c9384917151ff7f9bf3b653c4bfb69188b..a2d549da688d6965e27a46d4da614cb48cb7a4f7 100644 (file)
--- a/src/lib/krb5/os/ccdefname.c
+++ b/src/lib/krb5/os/ccdefname.c
@@ -226,10 +226,8 @@ get_from_os(krb5_context context)
 static void
 get_from_os(krb5_context context)
 {
-    char *name;
-
-    if (asprintf(&name, "FILE:/tmp/krb5cc_%ld", (long)getuid()) >= 0)
-        context->os_context.default_ccname = name;
+    (void)k5_expand_path_tokens(context, DEFCCNAME,
+                                &context->os_context.default_ccname);
 }
 
 #endif /* not _WIN32 */

diff --git a/src/lib/krb5/os/ktdefname.c b/src/lib/krb5/os/ktdefname.c
index 93b28dd38c2eedd5ef742020bf06f8f58be7b5aa..ffbd14d519b0178f15f103100e33727fd295d8b0 100644 (file)
--- a/src/lib/krb5/os/ktdefname.c
+++ b/src/lib/krb5/os/ktdefname.c
@@ -29,8 +29,6 @@
 #include "k5-int.h"
 #include "os-proto.h"
 
-extern char *krb5_defkeyname;
-
 /* this is a an exceedinly gross thing. */
 char *krb5_overridekeyname = NULL;
 
@@ -54,7 +52,7 @@ kt_default_name(krb5_context context, char **name_out)
         profile_release_string(str);
         return ret;
     } else {
-        return k5_expand_path_tokens(context, krb5_defkeyname, name_out);
+        return k5_expand_path_tokens(context, DEFKTNAME, name_out);
     }
 }
 
@@ -75,8 +73,7 @@ k5_kt_client_default_name(krb5_context context, char **name_out)
         profile_release_string(str);
         return ret;
     } else {
-        return k5_expand_path_tokens(context, DEFAULT_CLIENT_KEYTAB_NAME,
-                                     name_out);
+        return k5_expand_path_tokens(context, DEFCKTNAME, name_out);
     }
 }
 

diff --git a/src/lib/krb5/os/osconfig.c b/src/lib/krb5/os/osconfig.c
index b6013c5cff89af2291868079af3a14ca4cf3b354..1f6be6fecc1d64ae9aad73e8cb9458f5ad8d880e 100644 (file)
--- a/src/lib/krb5/os/osconfig.c
+++ b/src/lib/krb5/os/osconfig.c
@@ -35,8 +35,6 @@
 
 #include "k5-int.h"
 
-char *krb5_defkeyname  = DEFAULT_KEYTAB_NAME;
-
 unsigned int krb5_max_dgram_size = MAX_DGRAM_SIZE;
 
 const char *krb5_default_pwd_prompt1 = DEFAULT_PWD_STRING1;

diff --git a/src/man/Makefile.in b/src/man/Makefile.in
index b6f38c9b8aeddab3e7d1d0c6710f4ceb07b65596..15a4d53b94237e9fd88ce2df48edcaf2f87e8085 100644 (file)
--- a/src/man/Makefile.in
+++ b/src/man/Makefile.in
@@ -6,6 +6,9 @@ GROFF=@GROFF@
 GROFF_MAN=$(GROFF) -mtty-char -Tascii -mandoc -c
 localstatedir=@localstatedir@
 sysconfdir=@sysconfdir@
+DEFCCNAME=@DEFCCNAME@
+DEFKTNAME=@DEFKTNAME@
+DEFCKTNAME=@DEFCKTNAME@
 
 MANSUBS=k5identity.sub k5login.sub k5srvutil.sub kadmin.sub kadmind.sub \
        kdb5_ldap_util.sub kdb5_util.sub kdc.conf.sub kdestroy.sub kinit.sub \
@@ -35,7 +38,10 @@ rstman:
            -e 's|@SBINDIR@|$(SERVER_BINDIR)|g' \
            -e 's|@LIBDIR@|$(KRB5_LIBDIR)|g' \
            -e 's|@LOCALSTATEDIR@|$(localstatedir)|g' \
-           -e 's|@SYSCONFDIR@|$(sysconfdir)|g' $? > $@
+           -e 's|@SYSCONFDIR@|$(sysconfdir)|g' \
+           -e 's|@CCNAME@|$(DEFCCNAME)|g' \
+           -e 's|@KTNAME@|$(DEFKTNAME)|g' \
+           -e 's|@CKTNAME@|$(DEFCKTNAME)|g' $? > $@
 
 all:: $(MANSUBS)